Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 2 Sep 2004 14:30:03 -0400
From:      Charles Swiger <cswiger@mac.com>
To:        rip <rip@bronzedragon.net>
Cc:        freebsd-net@freebsd.org
Subject:   Re: 3 NICs - 1 upstream, 2 downstream  to same subnet??
Message-ID:  <1B4160E2-FD0E-11D8-A54A-003065A20588@mac.com>
In-Reply-To: <413763C1.90208@bronzedragon.net>
References:  <413763C1.90208@bronzedragon.net>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Sep 2, 2004, at 2:17 PM, rip wrote:
> I am trying to make a configuration to isolate the WiFi APs on a 
> single segment. DHCP hands out 'good' addresses (10.0.0.x) to MACs it 
> recognizes and 'bad' (10.99.0.x) when the MAC does not match and is 
> taken from the common pool.
> I then will use ipfw to block the trespassers, but do a bit of data 
> collection at the same time. I don't expect much bad traffic here 
> since WEP will keep out the casual. Just a defense-in-depth thing.

What you're trying to do work actually give you much benefit to 
security: someone who wants to break in doesn't have to pay attention 
to the DHCP lease you give them, they can just assign themselves a good 
10.0.0.x address.

The second problem you are having is that you can't have two NIC on the 
same subnet.  The routing table needs interfaces to be unique so it 
doesn't have to guess which route should be used.

-- 
-Chuck



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?1B4160E2-FD0E-11D8-A54A-003065A20588>